CVE-2026-24110

An issue was discovered in Tenda W20E V4.0brV15.11.0.6. Attackers may send overly long addDhcpRules data. When these rules enter the addDhcpRule function and are processed by ret = sscanfpRule, " %d\t%^\t\t%^\n\r\t", &dhcpsIndex, dhcpsIP, dhcpsMac;, the lack of size validation for the rules could...

kernel: drm/vmwgfx: Validate command header size against SVGA_CMD_MAX_DATASIZE

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Validate command header size against SVGACMDMAXDATASIZE This data originates from userspace and is used in buffer offset calculations which could potentially overflow causing an out-of-bounds access...

CVE-2025-40277

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Validate command header size against SVGACMDMAXDATASIZE This data originates from userspace and is used in buffer offset calculations which could potentially overflow causing an out-of-bounds access...

CVE-2025-40277

Mode C: Vulnerability: CVE-2025-40277 affects the Linux kernel, specifically drm/vmwgfx. Root cause: insufficient validation of the command header size against SVGA_CMD_MAX_DATASIZE, allowing an input originating from userspace to influence buffer offset calculations and potentially cause an out-...

EUVD-2025-199712

There is a potential OOB Write vulnerability in the genprovstart function in pbadv.c. The full length of the received data is copied into the link.rx.buf receiver buffer without any validation on the data size...

CVE-2025-9558

CVE-2025-9558 involves an out-of-bounds write in the Zephyr PB-ADV handling. The vulnerability occurs in gen_prov_start() within pb_adv.c, where the full length of received data is copied into link.rx.buf without validating the data size, potentially leading to memory corruption. Affected softwar...

EUVD-2017-6146

Malware in sbrugna...

EUVD-2021-16122

Malware in sbrugna...

Axios is vulnerable to DoS attack through lack of data size check

...

CVE-2023-30770

A stack-based buffer overflow vulnerability was found in the ASUSTOR Data Master ADM due to the lack of data size validation. An attacker can exploit this vulnerability to execute arbitrary code. Affected ADM versions include: 4.0.6.REG2, 4.1.0 and below as well as 4.2.0.RE71 and below...

CVE-2023-30770

A stack-based buffer overflow vulnerability was found in the ASUSTOR Data Master ADM due to the lack of data size validation. An attacker can exploit this vulnerability to execute arbitrary code. Affected ADM versions include: 4.0.6.REG2, 4.1.0 and below as well as 4.2.0.RE71 and below...

PT-2023-22968 · Asustor · Asustor Data Master

Name of the Vulnerable Software and Affected Versions: ASUSTOR Data Master ADM versions 4.0.6.REG2, 4.1.0 and below ASUSTOR Data Master ADM versions 4.2.0.RE71 and below Description: A stack-based buffer overflow vulnerability was found in the ASUSTOR Data Master ADM due to the lack of data size...

ASUSTOR Data Master 缓冲区错误漏洞

ASUSTOR Data Master is ASUS China's proprietary operating system on the ASUSTOR NAS, featuring a tablet-like graphical interface comparable to a zero-learning curve, allowing people to get started as soon as they use it. A security vulnerability exists in ASUSTOR Data Master versions prior to...

SUSE CVE-2021-29646

An issue was discovered in the Linux kernel before 5.11.11. tipcnlretrievekey in net/tipc/node.c does not properly validate certain data sizes, aka CID-0217ed2848e8...

An issue was discovered in the Linux kernel before 5.11.11. tipc_nl_retrieve_key in net/tipc/node.c does not properly validate certain data sizes aka CID-0217ed2848e8.

...

Linux kernel data size validation error vulnerability

The Linux kernel is a computer operating system kernel written in C and assembly language, compliant with the POSIX standard, and distributed under the GNU General Public License. A data size validation error vulnerability exists in tipcnlretrievekey in net/tipc/node.c in Linux kernel versions...

CVE-2021-29646

An issue was discovered in the Linux kernel before 5.11.11. tipcnlretrievekey in net/tipc/node.c does not properly validate certain data sizes, aka CID-0217ed2848e8...

DEBIAN-CVE-2021-29646

An issue was discovered in the Linux kernel before 5.11.11. tipcnlretrievekey in net/tipc/node.c does not properly validate certain data sizes, aka CID-0217ed2848e8...

Linux kernel 安全漏洞

The Linux kernel is a computer operating system kernel written in C and assembly language, compliant with the POSIX standard, and distributed under the GNU General Public License. A data size validation error vulnerability exists in tipcnlretrievekey in net/tipc/node.c in Linux kernel versions...

Bento4 AP4_AvccAtom and AP4_HvccAtom Class Heap Buffer Overflow Vulnerability

Bento4 is an open source C++ library for reading and writing MP4 files. A security vulnerability exists in the AP4AvccAtom and AP4HvccAtom classes in Bento4 version 1.5.0-617, which stems from the program's failure to properly validate the size of data. An attacker could exploit this vulnerabilit...